This Linux grinch could put a hole in your security stocking

Discussion in 'other security issues & news' started by ronjor, Dec 16, 2014.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
  2. Gullible Jones

    Gullible Jones Registered Member

    Joined:
    May 16, 2013
    Posts:
    1,459
    The article is not just content free, it's flat wrong. This is a local privilege escalation hole, not remote; and it's in Polkit, not a kernel component. The original blog post explains it well though:

    https://www.alertlogic.com/blog/dont-let-grinch-steal-christmas/

    I can't say I'm surprised though, Polkit always struck me as hugely overcomplicated and untrustworthy.
     
  3. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,257
    Thanks for explanation GJ, perfect example to indicate that you had better look for primary source when the title is sensational.
     
Loading...